Google's USB stick in support of passwords
Digital giant Google has announced that since 2017, none of its employees have been the victim of computer hacking.
We are talking about 85,000 people here exactly. A pretty surprising figure given the context. So what could be the secret of the American company. This is how she will wink at her security keys.
This article will also interest you: Data security: a possible strategy without a password
"We haven't had any account takeovers, reported or confirmed, since we implemented security keys," the California-based group's spokesman said at the time. It is known, for example, that the security system deployed within the group is not limited simply to the use of passwords. Because it would be very easy for a hacker to compromise it with several forms of attack such as phishing, where exploits of security vulnerabilities not to mention keystroke recorders.
So Google decided to opt for another solution in addition to using the classic solution. It's the one that uses physical security keys. This tool is called Titan Security Key. There are two versions. A USB key version that can connect to the computer, converting to Bluetooth badge format to connect to smartphones. These items will make your business more secure when you log in to your online accounts. They will then take the form of some dual-factor authentication. A method that seems effective in combating data theft as well as unsired intrusions.
Speaking of dual-factor authentication, we will highlight this strategy of a web service user to take several steps to identify themselves. In most cases, the first step is to enter your password in the direction indicated. In addition to the password another security code or other procedure is then required to confirm the identification. The most common method of two-factor authentication is text code. This will make it difficult for the hacker to impersonate you on one of your accounts, for example without having both codes. This is usually more difficult.
However, the dual-factor authentication system used through SMS has also shown its limitations with the development of SIM swapping, a hacking strategy that involves duplicating a person's SIM card in order to access the content of those messages and other information. So the idea was to switch to biometric technology. However, the question of privacy automatically a quick one. One wonders how the data will be managed if it is stored on the servers of publishers of other digital services sites.
This is the problem that the security keys are responding to. The example of Google's key uses the security system called Universal 2nd Factor (U2F). When the key is connected to the terminal, once the password is typed, the password automatically takes care of the dual authentication. This means that there is no code to compose or anything to receive by SMS. This turns out to be a solution of choice. This prevents us from being exposed not only to SIM swapping, but also to the privacy issue of the biometric sensor.
Now access an unlimited number of passwords: